As computers become more deeply ingrained in the operations of everyday life, the need for securing information thereby becomes increasingly important. The need for confidentiality, authenticity and integrity applies to many types of information including corporate, governmental and personal information. With so much encryption necessary in everyday life it is therefore becoming necessary to perform encryption in a faster and more efficient manner.
Where a computer operates in a stand alone or client environment, cryptographic processing usually consists of a single discrete job or task, such as to encrypt data or to verify a digital signature. These jobs can occur infrequently and in a sporadic manner such that these tasks are typically not queued because there is usually a significant interval between job requests as presented to a client side cryptographic subsystem. In other words, the client environment is usually a low concurrency environment in which cryptographic tasks arrive at the cryptographic facility at a low rate. Thus, there is little or no need for queuing of tasks in this environment.
On the other hand a client-server environment can consist of high job arrival rates with the result that queues of cryptographic tasks develop waiting for service from the server cryptographic facility. A cryptographic job in a queue, usually consists of two data parts. One part of this job, the key data, has to do with setting up the keys and preparing to use them in a specific algorithm. Each algorithm has unique set up characteristics. For example, the Data Encryption Standard (DES) algorithm has different characteristics than the Advanced Encryption Standard (AES) algorithm. The second part of the job involves the work data and the actual operations an algorithm must perform on the data.
Whereas the need for cryptographic processing has increased dramatically, the development of cryptographic systems has not kept up with this need. In fact, many cryptographic systems in existence today are remnants of historically low concurrency processing environments. These subsystems have a monolithic structure in which a single cryptographic engine performs key data (i.e., key setup) and work data processing sequentially using the same engine. There is no attempt to pipeline these tasks even though they are amenable to a pipelining or look-ahead strategy.
Accordingly, there is a need to further improve the efficiency of pending cryptographic task performance. The present invention addresses this and related issues.